Amaziko edatha anamhlanje anamakhulu ezixhobo ezisebenzayo ezifakiweyo, ezigqunywe ziindidi ezahlukeneyo zokubeka iliso. Kodwa nokuba injineli efanelekileyo enokubeka iliso okugqibeleleyo esandleni iya kuba nakho ukuphendula ngokuchanekileyo ukusilela kwenethiwekhi kwimizuzu nje embalwa. Kwingxelo kwinkomfa elandelayo ye-Next Hop 2020, ndibonise indlela yoyilo lwenethiwekhi yeziko ledatha, enento ekhethekileyo - iziko ledatha liziphilisa kwi-milliseconds. Ngokuchanekileyo, injineli ilungisa ngokuzolileyo ingxaki, ngelixa iinkonzo zingayiqapheli.
Kwiinjineli ezininzi zenethiwekhi, inethiwekhi yedatha yedatha iqala, ngokuqinisekileyo, kunye ne-ToR, kunye nokutshintsha kwi-rack. I-ToR idla ngokuba neentlobo ezimbini zekhonkco. Abancinci baya kubancedisi, abanye - kukho amaxesha angama-N ngaphezulu kwabo - baya kwi-spines yenqanaba lokuqala, oko kukuthi, kwii-uplinks zayo. I-Uplinks idla ngokuthathwa njengelinganayo, kwaye i-traffic phakathi kwe-uplinks ilinganiswe ngokusekelwe kwi-hash esuka kwi-5-tuple, equka i-proto, i-src_ip, i-dst_ip, i-src_port, i-dst_port. Akukho nto imangalisayo apha.
Okulandelayo, ingaba uyilo lweplani lukhangeleka njani? Imigca yenqanaba lokuqala ayidityaniswanga omnye nomnye, kodwa idityaniswe nge-superspines. Unobumba u-X uya kuba noxanduva lwe-supersspines; iphantse yafana nokudibanisa.
Kwaye kucacile ukuba, ngakolunye uhlangothi, i-tori idibaniswe kuzo zonke ii-spines zenqanaba lokuqala. Yintoni ebalulekileyo kulo mfanekiso? Ukuba sinonxibelelwano ngaphakathi kwi-rack, ke intsebenziswano, ngokuqinisekileyo, ihamba ngeToR. Ukuba ukusebenzisana kwenzeka ngaphakathi kwimodyuli, ngoko ukusebenzisana kwenzeka ngemigangatho yenqanaba lokuqala. Ukuba intsebenziswano i-intermodular - njengalapha, i-ToR 1 kunye ne-ToR 2 - ke intsebenziswano iya kuhamba ngee-spines zombini kunye nenqanaba lesibini.
Kwithiyori, i-architecture enjalo ilula ngokukhawuleza. Ukuba sinomthamo we-port, indawo egciniweyo kwiziko ledatha kunye nefiber ebekwe ngaphambili, ngoko inani lemizila lingahlala linyuswa, ngaloo ndlela ukwandisa umthamo wonke wenkqubo. Oku kulula kakhulu ukwenza ephepheni. Kuya kuba njalo ebomini. Kodwa ibali lanamhlanje alikho ngaloo nto.
Ndifuna kuthathwe izigqibo ezifanelekileyo. Sineendlela ezininzi ngaphakathi kwiziko ledatha. Bazimele ngokwemiqathango. Indlela enye ngaphakathi kwiziko ledatha inokwenzeka kuphela ngaphakathi kweToR. Ngaphakathi kwimodyuli, sinenani leendlela ezilingana nenani leendlela. Inani leendlela phakathi kweemodyuli lilingana nemveliso yenani leendiza kunye nenani lee-superspines kwindiza nganye. Ukwenza kucace ngakumbi, ukufumana ingqiqo yesikali, ndiya kunika amanani afanelekileyo kwelinye lamaziko edatha yeYandex.
Kukho iinqwelo-moya ezisibhozo, inqwelomoya nganye ineentsinjana ezingama-32. Ngenxa yoko, kuvela ukuba kukho iindlela ezisibhozo ngaphakathi kwimodyuli, kwaye ngokudibana kwe-intermodule sele kukho i-256 yazo.
Oko kukuthi, ukuba siphuhlisa i-Cookbook, sizama ukufunda indlela yokwakha amaziko edatha anyamezelayo aziphilise ngokwabo, ngoko uyilo olucwangcisiweyo lukhetho olufanelekileyo. Isombulula ingxaki yokulinganisa, kwaye kwithiyori kulula. Kukho iindlela ezininzi ezizimeleyo. Umbuzo usamile: njani i-architecture enjalo isinda kwiintsilelo? Kukho iintsilelo ezahlukeneyo. Kwaye siza kuxoxa ngoku.
Vumela enye yee-superspines zethu "igule". Apha ndabuyela kuyilo lweenqwelomoya ezimbini. Siza kunamathela kwezi njengomzekelo kuba kuya kuba lula ukubona ukuba kuqhubeka ntoni na ngeendawo ezimbalwa ezihambayo. X11 makagule. Oku kuya kuzichaphazela njani iinkonzo ezihlala ngaphakathi kumaziko edatha? Okuninzi kuxhomekeke ekubeni ukusilela kujongeka njani.
Ukuba ukungaphumeleli kukuhle, kubanjwe kwinqanaba elizenzekelayo le-BFD efanayo, i-automation ibeka ngokuvuya amajoyina anengxaki kwaye ihlukanise ingxaki, ngoko yonke into ilungile. Sineendlela ezininzi, i-traffic iphinda isiwe kwezinye iindlela, kwaye iinkonzo aziyi kuqaphela nto. Lo ngumbhalo olungileyo.
Imeko embi kukuba sinelahleko rhoqo, kwaye i-automation ayiboni ingxaki. Ukuqonda ukuba oku kusichaphazela njani isicelo, kuya kufuneka sichithe ixesha elincinci sixoxa ngendlela esebenza ngayo i-TCP.
Ndiyathemba ukuba andothuki nabani na ngolu lwazi: i-TCP yiprotocol yokuqinisekisa uthumelo. Oko kukuthi, kwimeko elula, umthumeli uthumela iipakethi ezimbini kwaye ufumana i-acck ack kuzo: "Ndifumene iipakethi ezimbini."
Emva koko, uya kuthumela iipakethi ezimbini, kwaye imeko iya kuphinda. Ndicela uxolo in advance ngokwenza lula. Lo mzekelo uchanekile ukuba ifestile (inani leepakethi kwinqwelomoya) zimbini. Kakade ke, kwimeko eqhelekileyo oku akunjalo. Kodwa ubungakanani befestile abuchaphazeli umongo wokuhambisa ipakethe.
Kwenzeka ntoni ukuba silahlekelwe yipakethi yesi-3? Kule meko, umamkeli uya kufumana iipakethi 1, 2 kunye ne-4. Kwaye uya kumxelela ngokucacileyo umthumeli usebenzisa inketho ye-SACK: "Uyazi, abathathu bafikile, kodwa umbindi ulahlekile." Uthi, "Ack 2, SACK 4."
Okwangoku, umthumeli ngaphandle kweengxaki uphinda kanye ipakethi ebilahlekile.
Kodwa ukuba ipakethe yokugqibela kwifestile ilahlekile, imeko iya kubonakala ihluke ngokupheleleyo.
Umamkeli ufumana iipakethi ezintathu zokuqala kwaye kuqala kuzo zonke uqala ukulinda. Enkosi kwezinye izinto ezilungiselelweyo kwi-Linux kernel's TCP stack, iya kulinda ipakethe edityanisiweyo ngaphandle kokuba iiflegi zibonisa ngokucacileyo ukuba yipakethi yokugqibela okanye into efanayo. Iza kulinda de i-Delayed ACK timeout iphelelwe kwaye emva koko ithumele isivumo kwiipakethi ezintathu zokuqala. Kodwa ngoku umthumeli uya kulinda. Andazi nokuba iphakheji yesine ilahlekile okanye sele iza kufika. Kwaye ukuze ungalayishi kakhulu inethiwekhi, iya kuzama ukulinda isalathiso esicacileyo sokuba ipakethi ilahlekile, okanye i-RTO timeout iphelelwe.
Yintoni ixesha le-RTO? Lo ngowona buninzi be-RTT ebalwa yi-TCP stack kunye nezinye eziqhubekayo. Luhlobo luni lokuzingisa oku, ngoku siza kuxoxa.
Kodwa into ebalulekileyo kukuba ukuba singenalo inhlanhla kwakhona kwaye ipakethi yesine ilahlekile kwakhona, ngoko i-RTO iphindwe kabini. Oko kukuthi, umzamo ngamnye ongaphumelelanga uthetha ukuphinda-phinda ixesha lokuvala.
Ngoku makhe sibone ukuba esi siseko silingana nantoni. Ngokungagqibekanga, ubuncinci be-RTO ngama-200 ms. Le yiRTO encinci yeepakethe zedatha. Kwiipakethi ze-SYN zahlukile, umzuzwana omnye. Njengoko ubona, kwanomzamo wokuqala wokuthumela kwakhona iipakethi kuya kuthatha amaxesha angama-1 ubude kune-RTT ngaphakathi kwiziko ledatha.
Ngoku makhe sibuyele kwimeko yethu. Kuqhubeka ntoni ngenkonzo? Inkonzo iqala ukuphulukana neepakethi. Vumela inkonzo ibe nethamsanqa ngokwemeko ekuqaleni kwaye ilahlekelwe yinto embindini wefestile, emva koko ifumana i-SACK kwaye ithumele kwakhona iipakethi ezilahlekileyo.
Kodwa ukuba ishwa liziphinda, ngoko sine-RTO. Yintoni ebalulekileyo apha? Ewe, sineendlela ezininzi kuthungelwano lwethu. Kodwa itrafikhi ye-TCP yoxhulumaniso oluthile lwe-TCP luya kuqhubeka nokuhamba kwi-stack efanayo eyaphukileyo. Ukulahleka kwepakethi, ngaphandle kokuba le X11 yethu yomlingo ayiphumi yodwa, ayikhokelela ekubeni izithuthi zingene kwiindawo ezingenangxaki. Sizama ukuhambisa ipakethi ngokusebenzisa istaki esaphukileyo esifanayo. Oku kukhokelela ekungaphumelelini kwe-cascading: isikhungo sedatha siseti yezicelo ezisebenzisanayo, kwaye ezinye ze-TCP zokudibaniswa kwazo zonke ezi zicelo ziqala ukuthotywa - kuba i-superspine ichaphazela ngokubanzi zonke izicelo ezingaphakathi kwiziko ledatha. Njengoko ilizwi lisitsho: ukuba ubunganxibi ihashe, ihashe laliqhwalela; ihashe laba sisiqhwala, ingxelo ayiziswanga; ingxelo ayizange ihanjiswe - siphulukene nemfazwe. Kuphela apha ubalo lukwimizuzwana ukusuka kwithuba lengxaki ukuya kwinqanaba lokuthotywa kweenkonzo eziqala ukuziva. Oku kuthetha ukuba abasebenzisi banokuphoswa yinto ethile kwenye indawo.
Kukho izisombululo ezimbini zakudala ezihambelanayo. Eyokuqala ziinkonzo ezizama ukubeka iindiza kunye nokusombulula ingxaki efana nale: βMasilungise into kwisitaki se-TCP. Masenze ixesha lokuphuma kwinqanaba lesicelo okanye iiseshoni ze-TCP ezihlala ixesha elide kunye nokuhlolwa kwezempilo kwangaphakathi. " Ingxaki kukuba izisombululo ezinjalo: a) azikhuli kwaphela; b) azikhangelwa kakuhle. Okokuthi, nokuba inkonzo ilungiselela ngengozi isitaki se-TCP ngendlela eyenza kube ngcono, okokuqala, akunakwenzeka ukuba isebenze kuzo zonke izicelo kunye nawo onke amaziko edatha, kwaye okwesibini, mhlawumbi, ayiyi kuqonda ukuba yenziwe. ngokuchanekileyo, kwaye akunjalo. Oko kukuthi, iyasebenza, kodwa ayisebenzi kakuhle kwaye ayilinganisi. Kwaye ukuba kukho ingxaki yenethiwekhi, ngubani onetyala? Ngokuqinisekileyo, i-NOC. I-NOC yenza ntoni?
Iinkonzo ezininzi zikholelwa ukuba kumsebenzi we-NOC kwenzeka into enje. Kodwa ukunyaniseka, kungekhona oko kuphela.
I-NOC kwisikimu seklasiki ibandakanyeka kuphuhliso lweenkqubo ezininzi zokubeka iliso. Ezi zombini ibhokisi emnyama kunye nebhokisi emhlophe esweni. Malunga nomzekelo webhokisi elimnyama lokubeka iliso lomqolo Alexander Klimenko kwiHop yokugqibela elandelayo. Ngendlela, oku kubeka iliso kuyasebenza. Kodwa nokubekwa esweni okufanelekileyo kuya kuba nexesha elisemva. Ngokuqhelekileyo le yimizuzu embalwa. Emva kokuba ihambile, iinjineli ezisemsebenzini zifuna ixesha lokuphinda zijonge ukusebenza kwayo, zibeke ingxaki kwindawo yazo kwaye ziyicime indawo eyingxaki. Oko kukuthi, kwimeko engcono, ukunyanga ingxaki kuthatha imizuzu emi-5, kwimeko embi kakhulu, imizuzu engama-20, ukuba ayibonakali ngokukhawuleza apho ilahleko iyenzeka khona. Kucacile ukuba lonke eli xesha - imizuzu emi-5 okanye engama-20 - iinkonzo zethu ziya kuqhubeka zibandezeleka, mhlawumbi akulungile.
Yintoni ngokwenene ongathanda ukuyifumana? Sineendlela ezininzi. Kwaye iingxaki zivela ngokuchanekileyo ngenxa yokuba i-TCP ihamba ngeshwa iqhubeka nokusebenzisa indlela enye. Sidinga into eya kusivumela ukuba sisebenzise iindlela ezininzi ngaphakathi koqhagamshelwano lwe-TCP enye. Kubonakala ngathi sinesisombululo. Kukho i-TCP, ebizwa ngokuba yi-multipath TCP, oko kukuthi, i-TCP yeendlela ezininzi. Enyanisweni, yaphuhliswa umsebenzi owahluke ngokupheleleyo - kwii-smartphones ezinezixhobo ezininzi zenethiwekhi. Ukwandisa ugqithiselo okanye ukwenza imowudi yokuqala/yogcino, indlela yaphuhliswa eyenza imisonto emininzi (iiseshoni) ngokuphandle kwisicelo kwaye ikuvumela ukuba utshintshe phakathi kwayo xa kukho ukusilela. Okanye, njengoko benditshilo, yandisa i-streak.
Kodwa kukho i-nuance apha. Ukuze siqonde ukuba yintoni na, kuya kufuneka sijonge indlela imisonto esekwe ngayo.
Imisonto ifakwe ngokulandelelanayo. Umsonto wokuqala ufakwe kuqala. Imisonto elandelayo isetwa kusetyenziswa icookie esele kuvunyelwene ngayo kulo msonto. Nantsi ke ingxaki.
Ingxaki kukuba, ukuba intambo yokuqala ayizinzisi ngokwayo, intambo yesibini neyesithathu ayinakuze ivele. Oko kukuthi, i-TCP ye-multipath ayisombululi ukulahlekelwa kwepakethi ye-SYN ekuhambeni kokuqala. Kwaye ukuba i-SYN ilahleka, i-TCP yobuninzi beendlela ijika ibeyi-TCP eqhelekileyo. Oku kuthetha ukuba kwindawo yeziko ledatha akuyi kusinceda ukuxazulula ingxaki yokulahlekelwa kwifektri kwaye sifunde ukusebenzisa iindlela ezininzi xa kwenzeka ukungaphumeleli.
Yintoni enokusinceda? Abanye benu sele beqikelele kwisihloko ukuba indawo ebalulekileyo kwibali lethu elingaphezulu iya kuba yi-IPv6 flow label header field. Ngokwenene, le yintsimi ebonakala kwi-v6, ayikho kwi-v4, ithatha ama-bits angama-20, kwaye kukho ingxabano malunga nokusetyenziswa kwayo ixesha elide. Oku kunomdla kakhulu - kwakukho iingxabano, into ethile yalungiswa ngaphakathi kwe-RFC, kwaye ngexesha elifanayo ukuphunyezwa kwabonakala kwi-Linux kernel, eyayingabhalwanga naphi na.
Ndiyakumema ukuba uhambe nam kuphando oluncinci. Makhe sijonge into ebisenzeka kwiLinux kernel kule minyaka imbalwa idlulileyo.
unyaka ka-2014. Injineli evela kwinkampani enye enkulu kwaye ehlonitshwayo yongeza ekusebenzeni kweLinux kernel ukuxhomekeka kwexabiso lelebhile yokuhamba kwi-socket hash. Bebezama ukulungisa ntoni apha? Oku kunxulumene neRFC 6438, eyayixubusha lo mbandela ulandelayo. Ngaphakathi kwiziko ledatha, i-IPv4 ihlala igqunywe kwiipakethi ze-IPv6, kuba umzi-mveliso ngokwawo uyi-IPv6, kodwa i-IPv4 kufuneka ngandlela thile inikwe ngaphandle. Ixesha elide bekukho iingxaki kunye nokutshintsha okungenakujonga phantsi kweentloko ezimbini ze-IP ukuya kwi-TCP okanye kwi-UDP kwaye ufumane i-src_ports, i-dst_ports apho. Kwavela ukuba i-hash, ukuba ujonga iintloko ezimbini zokuqala ze-IP, zajika zaphantse zalungiswa. Ukuze ugweme oku, ukwenzela ukuba ukulungelelaniswa kwesi sitrato esifihliweyo sisebenze ngokuchanekileyo, kwakucetywayo ukongeza i-hash ye-5-tuple efakwe kwipakethi ehlanganisiweyo kwixabiso lentsimi yelebula yokuhamba. Ngokumalunga nento enye eyenziwa kwezinye izikimu ze-encapsulation, ze-UDP, ze-GRE, le yokugqibela yasebenzisa i-GRE Key field. Enye indlela okanye enye, iinjongo apha zicacile. Kwaye ubuncinci ngelo xesha zaziluncedo.
Ngo-2015, isiqwenga esitsha sivela kwinjineli efanayo ehlonitshwayo. Unomdla kakhulu. Itsho oku kulandelayo - siyakwenza ukuba i-hash ilandelelanise kwimeko yesiganeko esibi somzila. Yintoni isiganeko esibi sendlela? Le yi-RTO ebesixoxe ngayo ngaphambili, oko kukuthi, ukulahleka komsila wefestile sisiganeko esibi ngokwenene. Liyinyaniso elokuba, kunzima ukuthelekelela ukuba oku kunjalo.
Ngo-2016, enye inkampani ehloniphekileyo, nayo inkulu. Iqhawula iintonga zokugqibela kwaye iyenze ukuba i-hash, ebesiyenze ngaphambili ngokungacwangciswanga, ngoku itshintshe kwi-SYN nganye yokuhanjiswa kwakhona kwaye emva kwexesha le-RTO ngalinye. Kwaye kule leta, okokuqala kunye nexesha lokugqibela, eyona njongo iphambili ichaziwe - ukuqinisekisa ukuba i-traffic xa kwenzeka ilahleko okanye ukuxinana kweshaneli inamandla okuhanjiswa ngokukhawuleza kwaye isebenzise iindlela ezininzi. Kakade ke, emva koku bekukho iimpapasho ezininzi, unokuzifumana ngokulula.
Nangona hayi, awukwazi, kuba akuzange kubekho impapasho enye kulo mxholo. Kodwa siyazi!
Kwaye ukuba awuyiqondi ngokupheleleyo into eyenziwe, ndiya kukuxelela ngoku.
Kwenziwa ntoni, yeyiphi imisebenzi eyongeziweyo kwi-Linux kernel? txhash utshintsho kwixabiso elingaqhelekanga emva kwesiganeko ngasinye se-RTO. Esi sisiphumo esibi kakhulu somzila. I-hash ixhomekeke kule tshash, kunye neleyibhile yokuhamba ixhomekeke kwi-skb hash. Kukho ezinye izibalo kwimisebenzi apha; zonke iinkcukacha azinakubekwa kwisilayidi esinye. Ukuba nabani na unomdla, ungadlula kwikhowudi ye-kernel kwaye ujonge.
Yintoni ebalulekileyo apha? Ixabiso lommandla weleyibhile yokuqukuqela litshintshela kwinani elingacwangciswanga emva kwe-RTO nganye. Oku kuchaphazela njani umjelo wethu we-TCP onelishwa?
Ukuba i-SACK yenzeka, akukho nto iguqukayo kuba sizama ukuthumela ipakethe eyaziwayo elahlekileyo. Ukuthi ga, kuhle.
Kodwa kwimeko ye-RTO, ngaphandle kokuba songeze ileyibhile yokuhamba komsebenzi we-hash kwi-ToR, i-traffic ingathatha indlela eyahlukileyo. Kwaye okukhona iindlela ezininzi, kokukhona amathuba okuba ifumane indlela engachatshazelwa kukusilela kwisixhobo esithile.
Inye ingxaki eseleyo-i-RTO. Ewe, kukho enye indlela, kodwa ixesha elininzi lichithwe kule nto. I-200 ms ininzi. Isibini sisendle ngokupheleleyo. Ngaphambili, ndithethe malunga nokuphuma kwexesha ukuba iinkonzo ziqwalaselwe. Ke, okwesibini lixesha lokuvala, elidla ngokumiselwa yinkonzo kwinqanaba lesicelo, kwaye kule nkonzo iya kuba ichanekile. Ngaphezu koko, ndiyaphinda, i-RTT yokwenyani ngaphakathi kwiziko ledatha yanamhlanje ijikeleze i-1 millisecond.
Yintoni onokuyenza ngamaxesha e-RTO? Ixesha lokuvala, elijongene ne-RTO kwimeko yokulahleka kweepakethi zedatha, inokulungiswa ngokulula ukusuka kwindawo yomsebenzisi: kukho i-IP eluncedo, kwaye enye yeeparamitha zayo iqulethe i-rto_min efanayo. Uthathela ingqalelo ukuba i-RTO, ewe, kufuneka ihlengahlengiswe hayi kwihlabathi liphela, kodwa kwizimaphambili ezinikiweyo, umatshini onjalo ubonakala uyasebenza.
Yinyani, nge-SYN_RTO yonke into imbi noko. Ibethelelwa phantsi ngokwendalo. I-kernel inexabiso elimiselweyo le-1 yesibini, kwaye yiyo. Awukwazi ukufikelela apho ukwisithuba somsebenzisi. Inye kuphela indlela.
I-eBPF iza kuhlangula. Ukuyibeka ngokulula, ezi ziinkqubo ezincinci zeC. Ziyakwazi ukufakwa kwiikhonkco kwiindawo ezahlukeneyo ekuphunyezweni kwe-kernel stack kunye ne-TCP stack, apho unokutshintsha inani elikhulu kakhulu lezicwangciso. Ngokubanzi, i-eBPF yindlela yexesha elide. Esikhundleni sokusika ezininzi iiparamitha ze-sysctl kunye nokwandisa ukusetyenziswa kwe-IP, intshukumo iya kwi-eBPF kwaye yandisa ukusebenza kwayo. Usebenzisa i-eBPF, unokutshintsha ngokuguqukayo ulawulo lokuxinana kunye nezinye iisetingi ze-TCP ezahlukeneyo.
Kodwa kubalulekile kuthi ukuba ingasetyenziswa ukutshintsha SYN_RTO amaxabiso. Ngaphezu koko, kukho umzekelo othunyelwe esidlangalaleni: . Kwenziwa ntoni apha? Umzekelo uyasebenza, kodwa wona ngokwawo urhabaxa kakhulu. Apha kucingelwa ukuba ngaphakathi kwiziko ledatha sithelekisa iibhithi ezingama-44 zokuqala; ukuba ziyahambelana, ngoko singaphakathi kwiziko ledatha. Kwaye kulo mzekelo sitshintsha SYN_RTO ixabiso lokuphela kwexesha ukuya kwi-4ms. Umsebenzi ofanayo unokwenziwa ngobuchule ngakumbi. Kodwa lo mzekelo ulula ubonisa ukuba oku a) kunokwenzeka; b) ilula noko.
Yintoni esele siyazi? Inyani yokuba ulwakhiwo lwenqwelomoya luvumela ukukalwa, luye lwaba luncedo kakhulu kuthi xa senza ukuba ileyibhile yokuqukuqela isebenze kwi-ToR kwaye ufumane ukukwazi ukujikeleza kwiindawo ezinengxaki. Eyona ndlela yokunciphisa amaxabiso e-RTO kunye ne-SYN-RTO kukusebenzisa iinkqubo ze-eBPF. Umbuzo uhlala uhleli: ngaba kukhuselekile ukusebenzisa ileyibhile yokulinganisa? Kwaye kukho i-nuance apha.
Masithi unenkonzo kwinethiwekhi yakho ehlala kuyo nayiphi na icast. Ngelishwa, andinalo ixesha lokungena kwiinkcukacha malunga nokuba yintoni na i-anycast, kodwa yinkonzo esasazwayo kunye neeseva zomzimba ezahlukeneyo ezifikelelekayo ngedilesi ye-IP efanayo. Kwaye nantsi ingxaki enokwenzeka: isiganeko se-RTO asinakwenzeka kuphela xa itrafikhi idlula ilaphu. Inokuthi yenzeke kwinqanaba le-buffer ye-ToR: xa isiganeko se-incast sisenzeka, singenzeka nakwinginginya xa umamkeli echitha into. Xa isiganeko se-RTO sisenzeka kwaye sitshintsha ileyibhile yokuhamba. Kule meko, i-traffic inokuya komnye nawuphi na umzekelo. Makhe sicinge ukuba le yi-anycast esemthethweni, iqulethe imeko yoqhagamshelwano-inokuba yi-L3 Balancer okanye enye inkonzo. Emva koko kuvela ingxaki, kuba emva kwe-RTO uxhulumaniso lwe-TCP lufika kumncedisi, ongazi nto malunga nolu xhulumaniso lwe-TCP. Kwaye ukuba asinalo ukwabelana ngelizwe phakathi kwanoma yiyiphi na iseva, ngoko itrafikhi enjalo iya kuchithwa kwaye uxhumano lwe-TCP luya kwaphulwa.
Ungenza ntoni apha? Ngaphakathi kwendawo yakho elawulwayo, apho uvumela ukulinganisa ileyibhile yokugeleza, kufuneka urekhode ixabiso leleyibhile yokuhamba xa ufikelela kuyo nayiphi na iseva yokuphosa. Eyona ndlela ilula kukwenza oku ngenkqubo ye-eBPF efanayo. Kodwa nantsi inqaku elibaluleke kakhulu - ukuba wenze ntoni ukuba awusebenzisi inethiwekhi yeziko ledatha, kodwa ngaba umqhubi we-telecom? Le yingxaki yakho kwakhona: ukuqala ngeenguqulelo ezithile zeJuniper kunye neArista, zibandakanya ileyibhile yokuhamba kwimisebenzi yazo ye-hash ngokungagqibekanga - ngokungafihlisiyo, ngesizathu esingacacanga kum. Oku kunokubangela ukuba ulahle uqhagamshelo lwe-TCP kubasebenzisi abadlula kwinethiwekhi yakho. Ke ndincoma kakhulu ukujonga useto lwerouter zakho apha.
Enye indlela okanye enye, kubonakala kum ukuba sikulungele ukuqhubela phambili kwizilingo.
Xa sivumela ileyibhile yokuhamba kwi-ToR, salungiselela i-ejenti ye-eBPF, ehlala ngoku kwiinginginya, sagqiba ekubeni singalindi ukusilela okukhulu okulandelayo, kodwa senze ukuqhuma okulawulwayo. Sithathe i-ToR, ene-uplinks ezine, kwaye siseta amathontsi kwenye yazo. Babhala umthetho kwaye bathi - ngoku ulahlekelwa zonke iipakethi. Njengoko ubona ngakwesobunxele, sinokubeka iliso kwipakethi nganye, eye yehla ukuya kwi-75%, oko kukuthi, i-25% yeepakethi zilahlekile. Ekunene ziigrafu zeenkonzo eziphila emva kwale ToR. Ngokusisiseko, ezi ziigrafu zendlela yojongano kunye neeseva ngaphakathi kwirack. Njengoko ubona, zehla ngakumbi. Kutheni behla ngaphantsi - kungekhona nge-25%, kodwa kwezinye iimeko ngamaxesha angama-3-4? Ukuba uxhulumaniso lwe-TCP lunenhlanhla, luyaqhubeka nokuzama ukufikelela kwi-junction ephukile. Oku kwenziwa mandundu ngokuziphatha okuqhelekileyo kwenkonzo ngaphakathi kwe-DC - kwisicelo somsebenzisi omnye, izicelo ze-N kwiinkonzo zangaphakathi zenziwe, kwaye impendulo iya kumsebenzisi nokuba xa yonke imithombo yedatha iphendula, okanye xa ixesha liphelile kwisicelo. umgangatho, osafuna ukuqwalaselwa. Oko kukuthi, yonke into imbi kakhulu.
Ngoku lilingo elifanayo, kodwa ngexabiso leleyibhile yokuqukuqela yenziwe yasebenza. Njengoko ubona, ekhohlo iliso lethu lebhetshi lehle nge-25 efanayo%. Oku kuchanekile ngokupheleleyo, kuba ayazi nto malunga nokuthunyelwa kwakhona, ithumela iipakethi kwaye ibala nje umlinganiselo wenani leepakethi ezizisiweyo nezilahlekileyo.
Kwaye ngasekunene lucwangciso lwenkonzo. Awuyi kufumana isiphumo sokudityaniswa okuyingxaki apha. Kwezo millisecond ezifanayo, i-traffic yaphuma kwindawo yengxaki ukuya kwii-uplink ezintathu eziseleyo ezingazange zichaphazeleke yingxaki. Sinenethiwekhi eziphilisa ngokwayo.
Esi sisilayidi sam sokugqibela, ixesha lokushwankathela. Ngoku, ndiyathemba ukuba uyayazi indlela yokwakha inethiwekhi yeziko ledatha yokuziphilisa. Awuyi kudinga ukugqitha kwindawo yokugcina ye-Linux kernel kwaye ujonge iipatches ezikhethekileyo apho; uyazi ukuba ileyibhile ye-Flow kulo mzekelo isombulula ingxaki, kodwa kufuneka usondele kolu matshini ngononophelo. Kwaye ndigxininisa kwakhona ukuba ungumsebenzisi we-telecom, akufuneki usebenzise ileyibhile yokuhamba njengomsebenzi we-hash, kungenjalo uya kuphazamisa iiseshoni zabasebenzisi bakho.
Iinjineli zenethiwekhi kufuneka zingene kwinguqu yengqiqo: inethiwekhi ayiqali ngeToR, hayi ngesixhobo sothungelwano, kodwa ngomncedisi. Umzekelo oncomekayo yindlela esisebenzisa ngayo i-eBPF zombini ukutshintsha i-RTO kunye nokulungisa ileyibhile yokuqukuqela kuyo nayiphi na inkonzo yecast.
I-flow label mechanics ngokuqinisekileyo ifanelekile kwezinye izicelo ngaphakathi kwecandelo lolawulo olulawulwayo. Oku kunokuba yi-traffic phakathi kwamaziko edatha, okanye ungasebenzisa i-mechanics enjalo ngendlela ekhethekileyo yokulawula i-traffic ephumayo. Kodwa ndiza kukuxelela malunga noku, ndiyathemba, kwixesha elizayo. Enkosi kakhulu ngengqalelo yakho.
umthombo: www.habr.com